Assembling Metadata for Database Forensics

Abstract : Since information is often a primary target in a computer crime, organizations that store their information in database management systems (DBMSs) must develop a capability to perform database forensics. This paper describes a database forensic method that transforms a DBMS into the required state for a database forensic investigation. The method segments a DBMS into four abstract layers that separate the various levels of DBMS metadata and data. A forensic investigator can then analyze each layer for evidence of malicious activity. Tests performed on a compromised PostgreSQL DBMS demonstrate that the segmentation method provides a means for extracting the compromised DBMS components.
Type de document :
Communication dans un congrès
Gilbert Peterson; Sujeet Shenoi. 7th Digital Forensics (DF), Jan 2011, Orlando, FL, United States. Springer, IFIP Advances in Information and Communication Technology, AICT-361, pp.89-99, 2011, Advances in Digital Forensics VII. 〈10.1007/978-3-642-24212-0_7〉
Liste complète des métadonnées

Littérature citée [11 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01569562
Contributeur : Hal Ifip <>
Soumis le : jeudi 27 juillet 2017 - 08:22:33
Dernière modification le : vendredi 1 décembre 2017 - 01:16:43

Fichier

978-3-642-24212-0_7_Chapter.pd...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Hector Beyers, Martin Olivier, Gerhard Hancke. Assembling Metadata for Database Forensics. Gilbert Peterson; Sujeet Shenoi. 7th Digital Forensics (DF), Jan 2011, Orlando, FL, United States. Springer, IFIP Advances in Information and Communication Technology, AICT-361, pp.89-99, 2011, Advances in Digital Forensics VII. 〈10.1007/978-3-642-24212-0_7〉. 〈hal-01569562〉

Partager

Métriques

Consultations de la notice

57

Téléchargements de fichiers

35